OC REALTORS® Blog

6 Things You Should Do When Your Email Gets Hacked

Getting your email hacked can happen to any of us, and it can be alarming. The most popular way people realize that their email has been hacked is when a friend or family member lets them know that they received a strange email from them.

Email hackers target the public to take money from them fraudulently. One popular way they take people’s money is by getting unauthorized access to your email account and sending an email to your contacts. The email may state that you are on vacation overseas and suddenly need help and money – could they please send money right away to the mentioned account.

Unaware that it wasn’t really you who sent the email, and because it seems like a legitimate email from you, some contacts do send money to the fraudsters.

If you ever recognize that your personal email has been hacked, do these six things to mitigate risk:

1. Change your email password right away – Log into your email provider’s web mail portal and go to your account settings. Typically, there is a Security section where you have the option to change your password. Choose a new, strong password that does not resemble the previous one.

If you no longer have access to the account, use the ‘Forgot Password’ option to create a new one and recover access to your account.

If you used this password in other sites/accounts, change those passwords as well and don’t use the same password in multiple sites.

3. Scan for Viruses, Malware, and Spyware – There is a possibility that your computer/laptop may have contracted a virus, malware, and/or spyware in the process. Running a virus scan like Norton, Kaspersky, Avast, and AVG is highly recommended. Additionally, running anti-malware software, such as Malwarebytes, has shown great results extracting these malicious infections.

4. Alert your contacts – Use another medium to let your contacts know that your email has been hacked (text message, phone, a different email address) and request that if they recently received an email from you, they delete it without opening it, clicking on any links or downloading attachments. If you are sending an email, the Email Subject should be a warning that grabs the reader’s attention. For example: Please do not open any emails from XXX date to XXX date. (You may even want to send them this list of helpful tips).

5. Report the hack to your provider – Different providers have different methods for reporting these incidents; search their website for their instructions.

6. Continue to monitor your email, financials, and other sensitive information – Over the years, you may have sent sensitive information which may still be in your email history. Hackers could have accessed it. Continue to monitor carefully the activity on your credit cards, including your real estate transactions and other sensitive areas, to ensure no one else is accessing them.

How did this happen to me?There are multiple ways it could have happened. One possible way is that your email was hacked while you accessed your email using a public Wi-Fi. A common approach that hackers use is called Evil Twin, and it works like this: Say you are at your favorite local coffee shop named “Strong Joe”, and you want to take advantage of their free Wi-Fi. What hackers will do is set up a second hotspot in that location, naming it similar to the authentic hotspot for that business. For example: The authentic hotspot for the business may be “Strong Joe,” while the hacker’s hotspot may be “Strong Joe FASTEST.” Sometimes business patrons will not notice that there are more than two hotspots with the name, and inadvertently use the hotspot that is set up by the hackers. While using the hotspot trap that hackers created, you may decide to log into your email and catch up with work, friends or family. When you do this, the hacker’s hotspot can grab the email’s security packets, which contain your credentials. And there you have it. You’ve been hacked without realizing it.

Should I stop using public hotspots?Not necessarily – just be careful when logging into free, Wi-Fi hotspots. Ask an employee for the correct Service Set Identifier (SSID) and password so that you are not inadvertently using one that a hacker has set up, and use public hot spots only for web browsing – not for online shopping, banking or accessing anything that requires entering your user name and password.

Beyond the Personal Email Hack: Reporting Real Estate FraudIn addition to the email scams that the general population can experience, real estate professionals are also vulnerable to professional fraud when their emails get hacked because real estate transactions often require the transfer of significant sums of money. These types of scams are more sophisticated than what the general public will experience, and rather than covering the details in this article, we will provide you the link to a video that the National Association of REALTORS has created to educate REALTORS on this issue.